Utopia Net: Anti-Virus E-mail Technical Overview


eBusiness Services		Team UTOPIA NET
eBusiness Applications		Got BLOG?
Web Hosting		Support
Success Stories		Jobs
Contact Us	Search	Affiliate Program

Infrastructure

| WebSiteOS

| Reseller Hosting

| Web Hosting

What is Web Hosting?

| Enhanced Hosting Services

| Reseller Web Hosting Chart

| Hosting Comparison Chart

E-mail Packages

| Hosting Plans

| Comparison Charts

| Uptime Guarantee

Money Back Guarantee

| Reseller Hosting

| WebSiteOS

| Infrastructure

Anti-Virus

| Hosted MS-SQL Server Pricing

| Network Abuse Policy

hosting | Anti-Virus | Anti-Virus E-mail Technical Overview

Anti-Virus E-mail Technical Overview

Technical Overview of Email Virus Scan Powered by Symantec

Email Virus Scan Powered by Symantec incorporates Symantec�s Norton Anti-Virus Extension (NAVEX�) technology. This modular virus-scanning engine lets the engineers in the Symantec AntiVirus Research Center (SARC�) quickly update and redistribute the relevant elements of Norton AntiVirus software efficiently and effectively. The benefit of this is faster virus fixes.

NAVEX� technology is integrated into all Norton AntiVirus products. NAVEX� enables SARC� to seamlessly update the scanning engine during normal virus definition updates. It�s the only solution of its kind available to users of AV software today.

In addition, Email Virus Scan leverages email AV security by incorporating Symantec Bloodhound� technology. This powerful tool is capable of detecting 80% of new and unknown executable file viruses including malicious mobile code. LiveUpdate� is another tool provided in the Symantec solution which provides scheduled or on-demand updates to assure protection without interruption of our email server.

Traditional anti-virus software architecture

The typical AV program comprises two major components: the scanning application and the scanning engine.

The scanning application provides a user interface, alert functions, and logging mechanisms. The application determines which files to scan and how to react when a virus is found. However, it knows absolutely nothing about computer viruses. Every time it scans a file or floppy disk, it calls upon the scanning engine to detect computer viruses in the designated location.

If the scanning engine locates a virus, it reports back to the scanning application. The scanning application then informs the user of the infection and prompts the user to repair the file. If the user chooses to do so, the scanning application again calls upon the scanning engine to repair the infected file or disk.
In contrast to the scanning application, the engine knows nothing about user interfaces, which files to scan, or what to tell the user when it finds a virus.

Drawbacks to the traditional AV architecture

A new version of the AV product must be released to eradicate a special case virus. When a virus is discovered that cannot be handled by a simple fingerprint update, the entire AV program must be updated and reinstalled. Even if no changes are required to the scanning application itself, changes to the scanning engine require new deployment of the entire product.

The AV software on each supported platform must be updated to include the new scanning engine logic. And each of these new product in-lines must be deployed by the IT organization.

Every AV installation requires IT time, money, and resources

End user productivity continues to be affected until complete AV protection is achieved across the enterprise.

In all AV programs except the Norton Anti-Virus family, the scanning application and the scanning engine are fused into one inseparable component

The Symantec Advantage

The modular Norton AntiVirus architecture enables Symantec to send out compact updates to the NAVEX� engine instead of the full software updates required by other AV products. This approach makes it far easier for us to get updates from Symantec and implement them into our email servers.

There are three ways in which we can get virus updates from Symantec; LiveUpdate� sessions, in which Email Virus Scan dials in to a Symantec server to download the latest updates to virus definitions. Downloads from the Symantec web site Scan and Deliver responses. Scan and Deliver is a feature of Norton AntiVirus that emails newly detected virus strains to the Symantec AntiVirus Research Center for identification. (To protect the privacy of your company�s documents, only the virus is sent, not the entire infected file.) SARC� researchers can then respond via email with a new virus definition to treat the infection. If necessary, the new virus definition can include a new NAVEX� engine.

Each NAVEX� engine is generated from one set of source code. That means SARC engineers only need to modify the program logic once in order to properly update the scanning engines for all Norton AntiVirus products-for both real-time and on-demand scanning functions. This single code-base approach gives our email servers consistent AV protection.

With complex new viruses becoming the norm rather than the exception, it is more important than ever to employ an AV product that has a modular engine. This architecture can save countless hours of testing, updating, manual virus elimination to our email servers.

Without NAVEX� technology, there are two choices: pay a lot more for good protection, or stay unprotected.

CP1 Control Panel | CP2 Control Panel | WebMail | Client Login